Privacy Policy

This Privacy Policy describes how Diskus AI (“Diskus”, “we”, “us”) collects, uses, and protects information when you use our websites and applications, including Diskus AI Email, Bhagya Jyotish, and other products in the Diskus suite (together, the “Services”).

1. Information we collect

• Account information. When you create a Diskus account, we collect your name, email address, and authentication credentials. Passwords are stored only as salted cryptographic hashes.
• Sign-in with Google. If you choose to sign in with Google, we receive your basic profile information from Google: your name, email address, and profile picture. We do not receive your Google password.
• Application content. Content you create or connect within the Services (for example, mail accounts you connect in Diskus AI Email, or charts you create in Bhagya Jyotish) is processed to provide the Service you requested.
• Technical data. We collect limited technical logs (IP address, device/browser type, timestamps, error diagnostics) needed to operate, secure, and debug the Services.

2. Google user data

Some Services connect to Google APIs with your explicit consent — for example, connecting a Gmail mailbox to Diskus AI Email. In those cases:

• We access only the data and scopes you approve on the Google consent screen.
• Mailbox data is used solely to provide the email features you requested — displaying, organising, searching, and sending your mail. We do not use Google user data for advertising, and we do not sell it to anyone.
• Access and refresh tokens are stored encrypted, and mailbox content is processed within the application; AI features operate on your data only to serve you, never to build advertising profiles.
• You can revoke our access at any time from your Google Account permissions page, and we will no longer be able to access the associated data.

Diskus AI's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

3. How we use information

• To provide, maintain, and improve the Services.
• To authenticate you across Diskus applications through our single sign-on platform (Astra).
• To secure the Services, prevent abuse, and debug failures.
• To communicate with you about your account or material changes to the Services.

We do not sell personal information. We do not share personal information with third parties for their own marketing.

4. Data retention & deletion

We retain personal information only as long as needed to provide the Services or as required by law. You may request deletion of your account and associated data by writing to hello@diskus.ai; we will action verified requests within 30 days. Disconnecting a linked Google account deletes the associated tokens from our systems.

5. Data security

Services run on hardened cloud infrastructure with encryption in transit (TLS) and at rest. Internal access to production data is restricted, credentialed, and audited. Authentication across the suite uses asymmetric, signed tokens rather than shared secrets.

6. International transfers

Our infrastructure is primarily hosted in India (AWS Asia Pacific). Where data is processed in other regions, we apply the same safeguards described in this policy.

7. Cookies

This website sets no cookies; applications use only strictly necessary session credentials. See the full Cookie Policy.

8. Your rights

Depending on where you live, you have some or all of the following rights, and we honour them for all users regardless of location:

• Access & portability — receive a copy of the personal data we hold about you.
• Correction — have inaccurate personal data corrected.
• Erasure — have your account and data deleted (see Data Deletion).
• Withdrawal of consent — withdraw consent for processing that relies on it (for example, disconnecting a linked Google account).
• Grievance & complaint — raise a grievance with us, and escalate to your supervisory authority: the Data Protection Board of India under the Digital Personal Data Protection Act, 2023 (DPDP Act); your national authority under the GDPR (EU/EEA); or the California Attorney General under the CCPA/CPRA. We do not “sell” or “share” personal information as defined by the CCPA.

To exercise any right, email hello@diskus.ai. We respond within 30 days and may ask you to verify ownership of the account first.

9. Grievance redressal (India)

In accordance with the Information Technology Act, 2000, the IT Rules, 2021, and the DPDP Act, 2023, grievances are handled by our Grievance Officer: reachable at hello@diskus.ai (subject line “Grievance”). Acknowledgement within 24 hours; resolution within 15 days.

10. Children

The Services are not directed to children under 13, and we do not knowingly collect personal information from them. Where the DPDP Act applies, we do not process the data of users under 18 without verifiable parental consent.

11. Changes to this policy

We may update this policy from time to time. Material changes will be announced within the Services or by email, and the effective date above will be revised.

12. Contact

Questions or requests regarding privacy: hello@diskus.ai.